Solved

Accessing MPLS network via VPN

Posted on 2013-11-21
4
247 Views
Last Modified: 2014-01-08
Hi -

I'm using a Cisco ASA 5510 8.4(5) ASDM 7.1(1)52.

I currently have a remote access VPN setup (IPSEC) and I'm trying to find out how to be able to access my other sites via my MPLS network while connected via VPN.

I'm able to access the primary site with no issues.
0
Comment
Question by:emeka57
  • 2
  • 2
4 Comments
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 39667334
See:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_22821183.html

Using this notation:
A is the main site/subnet
B is the MPLS remote site/subnet
C is the remote VPN site/subnet

What you need is this:
Packets from C destined for B via A first by VPN then by MPLS.
These packets must somehow get into the VPN in the first place.
These packets must appear at A and be routed to the MPLS device.
If the VPN and the MPLS devices are the same then this may help.
I've never been able to get it to work with RV042 site-to-site VPNs.

Example:
Main site with an important VPN link to a 3rd party using a 3rd party ASA as VPN device.
Reach the 3rd party from a remote site via another VPN on another VPN device.

I'd like to see a clear answer for How To? if it's possible.
0
 

Author Comment

by:emeka57
ID: 39708826
I'm not sure how to accomplish that via ASDM.
0
 

Author Comment

by:emeka57
ID: 39723813
Anyone know how to address this?
0
 
LVL 25

Accepted Solution

by:
Fred Marshall earned 500 total points
ID: 39724614
At least some encouragement:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_22821183.html

B<>MPLS<>A<>VPN<>C

In many ways the MPLS is simpler than the VPN in that encryption need not be implemented.  Or, one may desire to run VPN over MPLS for security purposes.  In the latter case it would be:

B <> VPN(MPLS) <> A <> VPN(Internet) <> C

The key appears to be routing at A.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now